b721a541097281364a80c6c12df1c8537358f5d3d0cd4c469bd966b90a598eb0 | Triage

Sharing

General

Target

b721a541097281364a80c6c12df1c8537358f5d3d0cd4c469bd966b90a598eb0
Size

204KB
Sample

221206-s8dz8see41
MD5

098426634b62f0c336a9d955f442d7b0
SHA1

d2a3570d1d6eaae3617e49d4cd08b2655eb82243
SHA256

b721a541097281364a80c6c12df1c8537358f5d3d0cd4c469bd966b90a598eb0
SHA512

cf31912ff9bf2a0ccc2579b0cd6c2d064597d70bb42c347d8f1bfa63e2b4b406c961e624f2eae031ad904ddd6b9d765b4124265b9c2203e719183c8b5e1589a7
SSDEEP

3072:TvMgdS7msl7npNGCwh2lJYPJlbiwrEpDQNaPDVRdLeegBlunvgxToeaizVUeHyH:wmS7yXgYhAFc6DLxeesccBcMy

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b721a541097281364a80c6c12df1c8537358f5d3d0cd4c469bd966b90a598eb0
- Size
  
  204KB
- MD5
  
  098426634b62f0c336a9d955f442d7b0
- SHA1
  
  d2a3570d1d6eaae3617e49d4cd08b2655eb82243
- SHA256
  
  b721a541097281364a80c6c12df1c8537358f5d3d0cd4c469bd966b90a598eb0
- SHA512
  
  cf31912ff9bf2a0ccc2579b0cd6c2d064597d70bb42c347d8f1bfa63e2b4b406c961e624f2eae031ad904ddd6b9d765b4124265b9c2203e719183c8b5e1589a7
- SSDEEP
  
  3072:TvMgdS7msl7npNGCwh2lJYPJlbiwrEpDQNaPDVRdLeegBlunvgxToeaizVUeHyH:wmS7yXgYhAFc6DLxeesccBcMy
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2